Mailing List
For timely ZISC-related information, you are kindly invited to subscribe to the ZISC Announcements Mailing List.
Cryptography is an essential component of today's information society. Secure web browsing, remote access to a company network and online financial trading are only a few of the many applications that are unthinkable without strong cryptography.
Many cryptographic algorithms have been standardized and are widely recognized as being secure today, like the AES block cipher. Nevertheless, cryptography is not an area that can be considered "solved" and put aside, because cryptography evolves as the resources available to attackers increase and as new cryptanalytic methods are discovered. In 2004, for example, new attacks against hash functions became public that undermined the security of the widely used MD5 algorithm.
This workshop serves as a forum for presenting the state-of-the-art and current trends in cryptography. The workshop is intended for a technical audience with background knowledge in computer security, like security officers and security specialists interested in cryptography.
Tuesday, October 31st, 2006
The workshop consists of a series of talks by experts from academia and industry.
| 9:30 | Welcome | Christian Cachin and Ueli Maurer |
| 9:45 | Cryptographic compliance -- good or bad? Cryptology is not something decision makers have to worry about as long as they comply with the standards. It becomes a bit of a concern, however, when new standards with uncertain, unexpected, or undesirable properties are announced. In this talk some recent developments on this front are discussed. | Arjen K. Lenstra (EPFL) |
| 10:30 | Power Analysis Attacks: This talk surveys the state of the art in power analysis attacks. First, this talk describes the general idea behind power analysis attacks. In particular, this talk explains why these attacks work, how they work, and why they are relevant in practice. Second, this talk surveys different power analysis techniques. Third, this talk gives some numbers about how much effort (in terms of traces) is needed for different types of power analysis attacks nowadays. | Elisabeth Oswald (TU Graz) |
| 11:15 | break | |
| 11:45 | Survey of Security Certifications: This talk provides an overview of practically used security certifications of cryptographic systems. We will cover the background of the most popular certifications (FIPS 140 and Common Criteria) and how they are applied to system security reviews. Focusing on how to design with security certification in mind, we also discuss how implementations are inspected retroactively during validation processes. Reflecting both approaches used by certification organizations, we describe both strictly defined (checklist) and framework-style validation. Practical examples are provided from past experience with both variants, with some details on how these contrasting approaches are evolving. In addition to certifications themselves, we will cover how research results influence the development of certification standards. We'll provide examples of certification processes applying theory directly, and fields where certifications intentionally lag state-of-the-art research. | Tamas Visegrady (IBM Zurich Research Laboratory) |
| 12:30 | lunch | |
| 14:00 | Hash Functions: Dead or Alive? In this talk we review the design principles for iterated hash functions developed in the last two decades. We start by discussing the definitions for hash functions and the relations between them as well as the issues related to parameterization. We revisit the proofs of Merkle-Damgaard (collision resistance) and Lai-Massey (preimage resistance) and evaluate the impact of recent attacks, such as multi-collision attacks, 2nd preimage attacks based on fixed-points and herding attacks. Next we discuss the attacks by Wang et al. on MD4, MD5 and SHA-1; we focus on the implications of these attacks on applications such as digital signatures, certificates and message authentication. We also review the impact of this work on the HMAC construction. Finally we discuss alternative constructions of hash functions and the upcoming hash function competition organized by NIST. | Bart Preneel (K.U.Leuven) |
| 14:45 | Privacy and Authentication for Trusted Computing and User-Centric Identity Management: The request for strong authentication over the internet is ever growing with phishing attacks and identity theft becoming more sophisticated and successful. Moreover, privacy concerns prevent people from using the internet for e-business. In this talk we show how one can have strong authentication and privacy at the same time. That is, we present particular cryptographic mechanisms that allow one to selectively reveal authenticated information. We then show how this technology is used in the context of trusted computing for remote attestation and in the context of user-centric identity management. | Jan Camenisch (IBM Zurich Research Laboratory) |
| 15:30 | break | |
| 16:00 | Receipt-Free K-out-of-L Voting: We present a simple framework which allows one to construct electronic voting schemes based on homomorphic encryption. The framework abstracts from the actual encryption function; it just requires a few properties which are satisfied by known homomorphic public-key encryption schemes like ElGamal and Paillier. Then, we construct an efficient K-out-of-L voting scheme within this framework, in which every voter can vote for K candidates from a list of L candidates. Finally, this scheme is extended to prevent voters from selling their votes (receipt-freeness). This yields the first receipt-free K-out-of-L voting scheme with complexity polynomial in K and L. | Martin Hirt (ETH Zürich) |
| 16:45 | Closing and Apéro | |
Please register by printing out the registration form, filling in your details, and sending it by fax or by mail to:
Barbara Geiser
IFW C 49.1
Haldeneggsteig 4
CH-8092 Zürich
Fax: +41 44 632 11 72
Phone: +41 44 632 72 43
E-Mail: barbara.geiser@inf.ethz.ch
Attending the workshop costs CHF 250 per person. Members from ZISC partners are exempt from the attendance fee. Payment is due in advance and must be received before the registration is confirmed. All registrations should be received by October 20, 2006. Space cannot be guaranteed for registrations received after that date.
IBM Zurich Research Laboratory, Säumerstrasse 4, CH-8803 Rüschlikon